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AMENDMENTS TO THE CLAIMS; 

This listing of claims will replace all prior versions, and listings, of claims in the 
application: 

1. (Currently Amended) A computer/network interface device comprising: 

a first hardware interface physically disposed in said device for receiving data from a first 
zone in a first zone data format; 

means disposed within said device for processing said received data through performance 
of a cryptographic operation on at least a portion thereof; 

a second hardware interface disposed in said device for sending said processed data to a 
second zone in a second zone data format; 

one of said interfaces being connectable to a host computer system; and 

means disposed within said device arranged to pass said processed data exclusively from 
said processing means to said second interface within said device . 

2. (Currently Amended) A computer/network interface device as in claim 1 further 
comprising: 

means disposed within said device arranged to convert said received data in said first 
zone data format into at least one data format other than said first zone data format prior to said 
data processing. 

3. (Currently Amended) A computer/network interface device as in claim 1 further 
comprising: 
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means disposed within said device arranged to transform the data format of said received 
data from said first zone at least twice prior to said data processing. 

4. (Currently Amended) A computer/network interface device as in claim 1 in 
which said first zone data format is packetized data, said device further comprising: 

means disposed within said device for reading at least one item of identification data 
from each packet; 

wherein said processing means is arranged to process each respective packet in 
dependence on each corresponding item of identification data. 

5. (Currently Amended) A computer/network interface device as in claim 4 further 
comprising: 

a store located within said device for storing one or more rules, each rule being linked 
with at least one of item of identification data; wherein 

said processing means is arranged to process each packet in dependence upon the rule 
linked with the corresponding item(s) of identification data. 

6. (Currently Amended) A computer/network interface device as in claim 1 wherein 
one of the first and second interfaces is suitable for connection to asaid host such that the data 
format utilized by such a connected interface is one utilized by the host. 

7. (Currently Amended) A computer/network interface device as claimed in claim 
5, wherein one of the first and second interfaces is suitable for connection to a said host such that 
the data format utilized by such a connected interface is one utilized by the host in which, in 
response to receiving at least one control packet including at least an item of control 
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identification data and control instructions through the other interface which is not connected to 
the host and reading said item of control identification data from a control packet, said 
processing means is arranged to change said rules in said store in dependence upon said 
corresponding control instructions. 

8. (Currently Amended) A computer/network interface device comprising: 
a first hardware interface disposed in said device for receiving data from a first 

authorized party in a first data format; 

means disposed within said device for processing said received data through performance 
of a computational operation on at least a portion thereof; 

a second hardware interface disposed in said device for sending said processed data to a 
second authorized party in a second data format; 

means disposed within said device arranged to pass said processed data exclusively from 
said processing means to said second interface within said device ; 

wherein said operation performed by said processing means is such that if said sent 
processed data is intercepted by an unauthorized party, the recovery of said received data from 
said processed data is computationally unfeasible. 

9. (Currently Amended) A method of operating a computer/network interface 
device comprising: 

receiving data at a first hardware interface disposed in said device from a first zone in a 
first zone data format; 
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processing said received data within said device through performance of a cryptographic 
operation on at least a portion thereof; 

passing said processed data within said device exclusively from said processing means to 
a second hardware interface disposed in said device ; 

one of said interfaces being connected to a host computer system; and 

sending said processed data from said second interface to a second zone in a second zone 
data format. 

10. (Currently Amended) A method of operating a computer/network interface 
device as in claim 9 further comprising: 

converting said received data within said device in said first zone data format into at least 
one further data format prior to said processing. 

11. (Currently Amended) A method of operating a computer/network interface 
device as in claim 9 further comprising transformin g, within said device, the data format of said 
received data from said first zone at least twice prior to said processing. 

12. (Currently Amended) A method of operating a computer/network interface 
device comprising: 

receiving data at a first hardware interface of said device from a first authorized party in a 
first data format; 

processing said received data within said device through performance of a computational 
operation on at least a portion thereof; 
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passing said processed data within said device exclusively to a second hardware interface 

of said device ; 

at least one of said interfaces being connected to a host computer system; 
sending said processed data from said second interface to a second authorized party in a 
second data format; 

wherein said performance of said computational operation is such that if said sent 
processed data is intercepted by an unauthorized party, the recovery of said received data from 
said processed data is computationally unfeasible. 

13. (Currently Amended) A host/network interface apparatus comprising: 

a first hardware port connectable for communication with said host using a an internal 
data format used internally by said host; 

a second hardware port connectable for communication with said network using a 
network data format; 

means disposed within said interface apparatus for processing data received from at least 
one of said ports through performance of a cryptographic operation on at least a portion of said 
received data; and 

means disposed within said interface apparatus arranged to pass said processed data 
exclusively from said means for processing to the other of said ports. 

14. (Currently Amended) A host/network interface device as in claim 13 further 
comprising: 
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means disposed within said interface apparatus arranged to convert said received data in 
either said internal data format or said network data format into at least one data format other 
than said internal data format or network data format prior to said data processing. 

15. (Currently Amended) A host/network interface device as in claim 13 further 
comprising: 

means disposed within said interface apparatus arranged to transform the data format of 
said received data from said internal data format or network data format at least twice prior to 
said data processing. 

16. (Currently Amended) A host/network interface device as in claim 13 in which 
said internal data format or network data format is packetized data, said device further 
comprising: 

means disposed within said interface device for reading at least one item of identification 
data from each packet; 

wherein said processing means is arranged to process each respective packet in 
dependence on each corresponding item of identification data. 

17. (Currently Amended) A host network interface device as in claim 16 further 
comprising: 

a store disposed within said interface device for storing one or more rules, each rule being 
linked with at least one of item of identification data; 

wherein said processing means is arranged to process each packet in dependence upon 
the rule linked with the corresponding item(s) of identification data. 
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18. (Currently Amended) A host/network interface device as in claim 17 in which, in 
response to receiving at least one control packet including at least an item of control 
identification data and control instructions through said second hardware port and reading said 
item of control identification data from a control packet, said processing means is arranged to 
change said rules in said store in dependence upon said corresponding control instructions. 

19. (Currently Amended) A computer/network interface device comprising: 

a first hardware port connectable for receiving data from a first authorized party in a 
computer data format; 

a second hardware port for sending processed data to a second authorized party in a 
network data format; 

means disposed within said device for processing data received from at least one of said 
ports through performance of a computational operation on at least a portion of said received 
data; and 

means disposed within said device arranged to pass said processed data exclusively from 
said processing means to the other of said ports; 

wherein said operation performed by said processing means is such that if said sent 
processed data is intercepted by an unauthorized party, the recovery of said received data from 
said processed data is computationally unfeasible. 

20. (Currently Amended) A method of operating a computer/network interface 
device comprising: 
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receiving data at a first hardware port of the device from a first authorized party in a 
computer data format; 

processing said received computer data within said device through performance of a 
cryptographic operation on at least a portion thereof; 

passing said processed data exclusively from said processing means to a second hardware 
port of the device ; and 

sending said processed data from said second port to a second authorized party in a 
network data format. 

21. (Currently Amended) A method of operating a computer/network interface 
device as in claim 20 further comprising: 

convertin g, within said device, said received data in said computer data format into at 
least one further data format prior to said processing. 

22. (Currently Amended) A method of operating a computer/network interface 
device as in claim 20 further comprising transformin g, within said device, the data format of said 
received data from said first authorized party at least twice prior to said processing. 

23. (Currently Amended) A method of operating a computer/network interface 
device comprising: 

receiving data at a first hardware port of the device from a first authorized party in a 
computer data format; 

processing said received data in said device through performance of a computational 
operation on at least a portion thereof; 
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passing said processed data within said device exclusively to a second hardware port of 
the device ; 

sending said processed data from said second port to a second authorized party in a 
network data format; 

wherein said performance of said computational operation is such that if said sent 
processed data is intercepted by an unauthorized party, the recovery of said received data from 
said processed data is computationally unfeasible. 

24. (Currently Amended) A host/network interface apparatus adapted to be plugged 
into a host, said apparatus comprising: 

a first hardware port at a plug connector on an apparatus housing for communications 
with said host using an internal data formal used internally by said host; 

a second hardware port at a plug connector on said apparatus housing for 
communications with said network using a network data format; 

means disposed within said housing for processing data received from at least one of said 
ports through performance of a cryptographic operation on at least a portion of said received 
data , said means for processing including self-contained cryptographic key data within said 
housing ; and 

means disposed within said housing arranged to pass said processed data exclusively 
from said processing means to the other of said ports. 
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